Commit graph

1756 commits

Author SHA1 Message Date
Thamatip Chitpong
d52031a4f1
[NTOS:MM] MmPurgeSegment: Fix missing MmDereferenceSegment cleanup (#7509)
MiGrabDataSection adds a refcount. There is a missing MmDereferenceSegment cleanup in case of range check error.
Fix that by moving MiGrabDataSection calling code to after range check.
2024-11-19 11:17:41 +07:00
Doug Lyons
e0759a5e35
[NTOS:MM] Finish MmAllocateMappingAddress and MmFreeMappingAddress and fix test failures. (#7491)
* [NTOS:MM] Fix MmAllocateMappingAddress and MmFreeMappingAddress and their regression test failures.
Follow up of #7260.
This fixes kmtest:MmReservedMapping failures and hang.
Based on mm-implement-mappingaddress.patch by Thomas Faber and some changes by Oleg Dubinskiy.
kmtest:MmReservedMapping revisions and updates to Vista+ method by Timo Kreuzer.

Signed-off-by: Oleg Dubinskiy <oleg.dubinskij30@gmail.com>
Signed-off-by: Timo Kreuzer <timo.kreuzer@reactos.org>

CORE-10147, CORE-14635, CORE-17409, CORE-19318
2024-11-18 02:44:51 -06:00
Oleg Dubinskiy
83d74e7433
[NTOS:MM] Implement MmAllocate/FreeMappingAddress (#7260)
Implement MmAllocateMappingAddress and MmFreeMappingAddress routines.
Based on mm-implement-mappingaddress.patch by Thomas Faber with some changes from me.
Required by Microsoft NTFS driver (from Windows Server 2003 SP2 only, the one from Windows XP SP3 does not need them) and by NDIS & TDI drivers (both from Windows XP SP3 and Windows Server 2003 SP2). Also they are called when using Dr. Web Security Space 8 filter drivers together with MS FltMgr & TDI.
Fortunately, this part (these two routines) are enough to get the drivers working in both cases, and others (partially incomplete) routines are not badly required, so they can be finished and committed later.
CORE-10147, CORE-14635, CORE-17409, CORE-19318
2024-11-02 15:10:51 +01:00
Ratin Gao
1f4ef448de
[NTOS:EX] Fix SAL notations, Timeout parameter should be optional (#7482)
Fix warnings:

E:\3rdRepo\ReactOS_Fork4\ntoskrnl\ex\keyedevt.c(458): warning C6387: 'Timeout' could be '0': this does not adhere to the specification for the function 'ExpWaitForKeyedEvent'.
E:\3rdRepo\ReactOS_Fork4\ntoskrnl\ex\keyedevt.c(527): warning C6387: 'Timeout' could be '0': this does not adhere to the specification for the function 'ExpReleaseKeyedEvent'.

JIRA issue: None.

Proposed changes
Timeout parameter of those two functions should be optional.
2024-11-01 11:53:28 +01:00
Timo Kreuzer
1d3bce1a59 [NTOS:KE] Make KeFlushQueuedDpcs SMP ready
KeFlushQueuedDpcs is used by some drivers, when unloading or removing a device, to be sure no DPC is still running their code. On a UP system this can be done "inline", on an SMP system, it requires to send an IPI to each processor that has DPCs queued and also synchronize it with the calling thread, which is what KeSetSystemAffinityThread does implicitly: When a queued DPC was detected on a remote processor (implying that processor is currently running at DISPATCH_LEVEL or above), KeSetSystemAffinityThread will schedule the current thread on that processor and send a DPC interrupt. The remote processor will handle that DPC interrupt once it is back below DISPATCH_LEVEL. It will only run the current thread, after all queued DPCs (including threaded DPCs) have finished running.
2024-10-20 16:28:11 +03:00
Serge Gautherie
4c84e191fd
[NTOS:KE/i386] KeStartAllProcessors(): ProcessorCount is a ULONG (#7455)
Let's be explicit.

Addendum to 516ccad (0.4.15-dev-7016).
2024-10-16 22:38:01 +02:00
Hermès Bélusca-Maïto
52192f19d6
[NTOS:KDBG] For SYSREG2: HACK emission of a 'bt' command when entering the debugger
CORE-19807
2024-10-14 23:37:22 +02:00
Hermès Bélusca-Maïto
b15963abb8
[NTOS:KDBG] Reintroduce the capability of KdbpCliInit() to interpret the KDBinit file (#4917)
Addendum to commit baa47fa5e.

Similarly to what was originally done, have KdbpCliInterpretInitFile()
parse the KDBinit file by breaking back into the debugger.
But contrary to before, replace the deprecated call to KdbEnter() by
a standard DbgBreakPointWithStatus(DBG_STATUS_CONTROL_C) . This allows
KdbEnterDebuggerException() to do the KdbpCliInterpretInitFile() call.

Additional fixes and improvements:

- Run KdbpCliInterpretInitFile() in full KDBG environment (interrupts
  disabled, modified IRQL, own stack), like the usual interactive loop.

- The KDBinit data buffer must be in non-paged pool.

- Demote the "Could not open KDBinit" error to a DPRINT, so that it
  doesn't pollute the debug log when the KDBG init function is called
  early (before the storage stack is initialized), or if the file
  doesn't exist -- since this is an optional feature.
2024-10-14 22:51:54 +02:00
Hermès Bélusca-Maïto
b86c4bd522
[NTOS:KDBG] Small improvements for KdbpCliMainLoop() and KdbpDoCommand() (#4917)
- Move the printing pager state reset code (setting the number of
  printed rows and columns to zero, and the output aborted flag)
  to KdbpDoCommand(). This allows to keep the original behaviour,
  while also inheriting it whenever KdbpDoCommand() is invoked
  elsewhere (for example, from KdbpCliInterpretInitFile()).

- Use KdbPuts/Printf() instead of KdbpPrint() for the entry banners,
  so that they aren't subject to the current printing pager state.
  Do the same for the "command unknown" error in KdbpDoCommand().

- Add a "Type 'help' for a list of commands" banner, for the users.

- Replace the do-while-loop with a simple while-loop.
2024-10-14 22:51:52 +02:00
Hermès Bélusca-Maïto
842e40d7cd
[NTOS:KDBG] Minor code style for the following commits 2024-10-14 22:51:51 +02:00
Timo Kreuzer
176de8bd25 [NTOS:PNP] Don't use a pointer to a stack structure in a work-item
Previously FsRtlNotifyVolumeEvent would pass a pointer to a TARGET_DEVICE_CUSTOM_NOTIFICATION structure on the stack to IoReportTargetDeviceChangeAsynchronous, which would store a pointer to it in a work-item and process that after the stack object was already out of scope. This broke x64 boot. Started happening after recent fixes to IoReportTargetDeviceChangeAsynchronous.
2024-10-10 20:28:59 +03:00
Timo Kreuzer
c0590f5de0 [NTOS:MM] Fix PTE protection for executable CoW pages
Fixes Blender x64.
See https://jira.reactos.org/browse/CORE-19761
2024-10-10 17:37:56 +03:00
Adam Słaboń
1d18b12ff7 [NTOS:PNP] PiNotifyTargetDeviceChange: Don't free incorrect buffer 2024-10-07 11:16:03 +02:00
Adam Słaboń
77af265315 [NTOS:PNP] IoReportTargetDeviceChange: Correct the check for system PnP notifications
Now IoReportTargetDeviceChange will process the custom notifications (rather than processing only those that it shouldn't).
2024-10-07 11:16:03 +02:00
Serge Gautherie
8de4d4d2ea
[NTOS:KDBG] Add missing \n to DPRINT() calls (#6018)
And demote/promote some DPRINT()/DPRINT1().
2024-10-07 11:07:47 +02:00
Thamatip Chitpong
259180a568
[NTOS:MM] MmFlushSegment: Simplify return (#7422) 2024-10-07 15:56:29 +07:00
Timo Kreuzer
0c2cdcae83 [REACTOS] Add missing line breaks at end of file 2024-10-06 10:47:11 +03:00
Timo Kreuzer
96c65e94e1 [NTOS:MM] Properly handle execution in NX section
This prevents processes from looping forever, thinking the fault was already resolbed, because the page is writable.
2024-09-16 16:04:43 +03:00
Thomas Faber
bf6af0f52e [NTOS:SE] Mark output parameters as such. 2024-09-12 17:44:13 +03:00
Thomas Faber
156053cafd [NDK] Match AUX_ACCESS_DATA definition with publicly available version.
Looks like public symbols contain this structure starting with Win7,
so we can deduce what it looked like in Win2003.
Note that our previous definition was missing a second ULONG at the
end, which can be seen in the SeQueryInfoToken kmtest -- if you
allocated only sizeof(AUX_ACCESS_DATA), the test would crash with
a 4 byte buffer overflow.
2024-09-12 17:44:13 +03:00
Timo Kreuzer
2913ef5c93 [NTOS:KE/x64] Fix exception information on page faults
Pass a proper write/execute flag in the ExceptionInformation[0] field of the exception record instead of the raw fault code. This fixes comdlg:filedlg wine test, which writes to a write protected resource section, which needs to be handled by kernel32 UnhandledExceptionFilter, which relies on this parameter to be correct.
2024-09-12 17:07:59 +03:00
Timo Kreuzer
78e94a5083 [NTOS:MM] Increase x64 system view and session view size
We have plenty of address space and the desktop heap has grown, so we need some more space.
2024-09-08 10:33:55 +03:00
Serge Gautherie
4b051b914f
[NTOS:PO] Update a comment (#6443)
Addendum to 9e43518 (0.4.15-dev-7560).
2024-09-08 02:29:37 +02:00
Justin Miller
49e07292ed
[NTOS:KE] Clear NpxThread on rundown for SMP as well (#7151)
clear NpxThread on rundown for SMP as well
Fixes the crash whenever a usermode thread is destroyed on x86
2024-08-31 13:18:07 -07:00
Thamatip Chitpong
95c340dfb7
[NTOS:CC] CcRosCreateVacb: Return error code on pool allocation failure (#7275)
Return STATUS_INSUFFICIENT_RESOURCES error code instead of accessing the invalid pointer.
2024-08-30 07:34:48 +07:00
Oleg Dubinskiy
c59e2d20d9 [NTOS:FSRTL] Check for the correct return status when inserting a new Filter Context entry
According to our declaration/definition, IoChangeFileObjectFilerContext returns NTSTATUS, not BOOLEAN. Zero return (which was actually checked before) for BOOLEAN means failure, but for NTSTATUS it's success. So it should (and now actually does) free and fail appropriately only in failure case, but not in success, when it shouldn't.
This fixes most of problems with fltmgr.sys driver from Windows XP/Server 2003 and a lot of 3rd party filter drivers which use it from many apps (Avast Free Antivirus all versions, Avira AntiVir Personal 8.2, Dr. Web Security Space 8.0, Kaspersky Antivirus 2012 etc. etc.).
CORE-14157, CORE-14635, CORE-19318
2024-08-26 11:16:49 +02:00
Oleg Dubinskiy
5d96ba9217
[NTOS:MM] Implement MmProbeAndLockProcessPages (#7221)
Implement undocumented MmProbeAndLockProcessPages routine. Based on mm-implement-mappingaddress.patch by Thomas Faber from CORE-10147, with some improvements from me.
It's badly required by FltMgr.sys driver from Windows XP/Server 2003 and closely used by a lot of apps those are depending on this driver (e. g., Avast Free Antivirus several versions, Avira Antivir Personal 8.2 etc. etc.).
Fixes several asserts from MDL support routines when the 3rd-party minifilter drivers are loading FltMgr.
CORE-14157
2024-08-08 21:02:35 +02:00
Thamatip Chitpong
cf4138fa24 [NTOS:CC] Protect CcFlushCache call with a mutex
Fix crash when the function was called concurrently for the same file by BTRFS driver.
CORE-19664
2024-07-31 18:07:49 +07:00
Thamatip Chitpong
0899f4b2b1 [NTOS:CC] CcFlushCache: Call CcRosReleaseVacb when CcRosFlushVacb fails
CcRosLookupVacb adds a refcount.
2024-07-31 18:07:49 +07:00
Hermès Bélusca-Maïto
3fe12f1a7c
[NTOS:IO] IopCreateArcNamesDisk(): Fix the ArcName link creation condition check.
The bug was introduced in commit 6d0861e9e (r49131).
2024-06-19 17:26:40 +02:00
Hermès Bélusca-Maïto
5e3f3f59df
[NTOS:IO] IopVerifyDiskSignature(): simplify code and SAL2-annotate 2024-06-19 17:25:42 +02:00
Hermès Bélusca-Maïto
85d338ed65
[NTOS:IO] arcname.c: Minor formatting fixes and comments improvements 2024-06-19 17:25:34 +02:00
George Bișoc
fe23a4aaeb
[NTOS:CM] Lock the entire registry down when we unload a hive
The PR #6649 which fixed an issue with orphaned KCBs leaking in memory which also pointed to unloaded registry hives, it also brought a problem.
In CmpEnumerateOpenSubKeys there is a risk of getting hit by a deadlock as we enumerate the cache table to remove empty cache entries.

Fundamentally CmpEnumerateOpenSubKeys locks down a KCB from cache for exclusive use in order to tear down its contents from memory but it doesn't address the fact a KCB might have already been locked in the same calling thread, leading to a recursion.
This leads to random hangs when unloading a hive during system startup (tipically on a clean install).

The solution here is to simply lock the whole registry when we unload a hive so that we don't have to worry the KCBs are getting tampered by anybody else. This also simplifies the code.
Although locking the entire registry while other apps are doing registry related operations to other hives can cause overhead. If this turns out to be bad then we have to rethink the locking mechanism here.

CORE-19539
2024-06-01 16:17:47 +02:00
George Bișoc
5d0117de90
[NTOS:CM] Annotate CmUnloadKey with SAL2 2024-06-01 16:17:47 +02:00
Timo Kreuzer
4fb2fdbac6 [NTOS:CM] Properly unlock registry on failure in NtUnloadKey2 2024-05-23 21:21:35 +02:00
Timo Kreuzer
da64119fe6 [NTOS:CM] Add debug code for analyzing lock issues 2024-05-23 21:21:35 +02:00
Timo Kreuzer
e0495079cb [MSVCRT][NTDLL][NTOS] Add import aliases for _swprintf and _vswprintf 2024-05-22 17:55:38 +02:00
Serge Gautherie
a6298b5c7a
[NTOS:MM] section.c: some trivial cleanup (#5651)
* [NTOS:MM] section.c: Remove unused functions

MiSetControlAreaSymbolsLoaded(),
MiLoadUserSymbols():
Added on 436edb2 (r60802). Never used.

MiSubsectionConsistent():
Added on cda03c0 (r57209). Never used.

MiGetFileObjectForSectionAddress():
Added on 635d9ca (r67810). Calls removed on 0dfd233 (r68123).

MiSetProtectionOnSection():
Added on 9f28638 (r56317). Never used.

Plus,
MmCreateArm3Section():
Add an UNIMPLEMENTED on a specific case.

* [NTOS:MM] section.c: Use static instead of NTAPI for local functions
2024-05-21 11:08:40 +02:00
Doug Lyons
69ebfd671d
[NTOS:EX] Various fixes for Daylight Saving Time transitions (#5868)
* [NTOS:EX] Various fixes for Daylight Saving Time transitions

* Fix automatic time changes when DST starts and ends.
* Currently it takes two cycles of the update provided by w32time to make the actual change.
* Convert Eric Kohl's TimeZoneID code contained in ExRefreshTimeZoneInformation to a new function.
* Use this new function in ExpSetTimeZoneInformation and ExRefreshTimeZoneInformation functions.

CORE-19290
2024-05-05 21:32:04 -05:00
Serge Gautherie
cb6fc76b8b
[NTOS:IO] IoDisconnectInterrupt(): Switch to ExFreePoolWithTag() (#6503)
Follow-up to commit 24a14abf2 (r57412).

HBelusca's comment:
> If this ExFreePoolWithTag() call was left commented, it's probably
> because, back in the day where I introduced it, there was a pool
> corruption that was detected, the source of which was unknown at
> that time. In retrospect, it is most probably the interrupt disconnect
> bug in IoDisconnectInterrupt() that was causing it. Now that this
> bug has been fixed just previously, it should be safe to re-enable
> pool freeing with tag.
2024-05-05 17:03:42 +02:00
Serge Gautherie
347ca5f859
[NTOS:IO] IoConnectInterrupt(): Move InterruptObject assignment where it belongs (#6503)
Addendum to commit d1258e99f (r16229), supersedes commit adf534b28.

CORE-17256
2024-05-05 17:03:28 +02:00
Serge Gautherie
2d442956b4
[NTOS:IO] IoConnectInterrupt(): Fix default spinlock initialization (#6503)
Addendum to commit d1258e99f (r16229).
2024-05-05 17:03:20 +02:00
Serge Gautherie
cbc78e0629
[NTOS:IO] IoDisconnectInterrupt(): Fix disconnecting other interrupts (#6503)
Addendum to commit d1258e99f (r16229).
2024-05-05 17:03:13 +02:00
Hermès Bélusca-Maïto
603fd832d0
[NTOS:IO] IoConnectInterrupt(): Zero-out the allocated structure at the correct place (#6503)
Addendum to commit d1258e99f (r16229).
2024-05-05 17:02:34 +02:00
Serge Gautherie
35d46b23f1
[FORMATTING][NTOS:IO] iomgr/irq.c
- Add a few blank lines.
- Use 2 'continue'.
2024-05-05 16:35:22 +02:00
Timo Kreuzer
5c3b1c78a7 [NTOS:KE] Improve NtRaiseException and NtContinue
- Fix annotations
- Don't use KiServiceExit to return to the caller with an error code, instead just return from the function, that is the same thing.
- Refactor failure path
- Add DPRINTs on failure
2024-05-01 11:30:29 +02:00
Timo Kreuzer
4bc591c6f0 [NTOS:KE] Fix NtRaiseException and NtContinue on x64
- Implement KiExceptionExit, which works like KiServiceExit2, but takes an exception frame as 2nd parameter
- Add a local exception frame to NtRaiseException and NtContinue, which is needed to exit with a full context on x64 and arm
- Use KeContextToTrapFrame again instead of KiSetTrapContext, since we have a proper exception frame now.
2024-05-01 11:30:29 +02:00
Doug Lyons
0f9bf6abb4
[NTOS:CC] Restore unlock/reacquire locks around MmPageOutPhysicalAddress (#5735)
* [NTOS:CC] Restore unlock and reacquire locks around MmPageOutPhysicalAddress which was mistakenly lost in commit 2b14056

* Add bypass for problematic code path for now
2024-04-30 13:59:50 -05:00
Timo Kreuzer
c9864da823 [NTOS:IO] Fix broken pool allocations
ExAllocatePoolWithTag doesn't raise an exception on failure, only ExAllocatePoolWithQuotaTag does. Use that when quotas are relevant instead of silently continuing with a NULL pointer.
2024-04-28 14:06:07 +02:00
Timo Kreuzer
b8e50f787d [NTOS:KE/x64] On syscalls clear nested task flag
When this flag is not cleared and the system returns with an IRET, this causes a #GP. Randomly hit by the umkm:SystemCall test.
2024-04-27 15:12:40 +02:00